Sharing Individual Participant Data in the UK
Late last year, the BMC Medicine Journal published the recommended guidelines, “How should individual participant data (IPD) from clinical trials be shared?”.
This paper was intended to offer cohesive guidelines for sharing clinical research specific to publicly funded trials, where transparency is paramount. While very specific to the UK, there are lessons here which can be applied on the other side of the pond.
The researchers behind the work developed their guidelines over the four phases of a clinical trial. They focused on policy documents, surveys, expert committees and consultations. According to their guidelines, they recommend the following good practice principles:
- “The use of a controlled access approach, using a transparent and robust system to review requests and provide secure data access.” They specifically mention anonymisation. (In Canada, we spell it with a ‘z’, and in the US this is referred to as de-identification).
- “Seeking consent for sharing IPD from trial participants in all future clinical trials with adequate assurance that patient privacy and confidentiality can be maintained.” This is an excellent point for the sake of transparency; however, in cases where consent is difficult to obtain, anonymisation/de-identification is key. The de-identification practices must be defensible and robust.
- “Establishing an approach to resource the sharing of IPD which would include support from trial funders, sponsor organisations and users of IPD.” This recommendation puts the onus on all levels to protect participant privacy.
So far their guidance has been endorsed by Cancer Research UK, MRC Methodology Research Programme Advisory Group, Wellcome Trust and the Executive Group of the UKCRC Registered CTU Network. The National Institute for Health Research (NIHR) has also confirmed it is supportive of the application of this guidance. This follows the same vein we see in North America and continental Europe – more standards and best practice guides for clinical trials are emerging from the Institute of Medicine, TransCelerate, PhUSE, Project Data Sphere and European Medicines Agency. For the most part these standards recommend a risk-based approach to de-identification, something we don’t see here. (For more on these standards, please watch out webinar, De-Identification 201.)
The ultimate goal of all these guidelines and standards is improving transparency, protecting participants (and clinical trials organizers) and expanding the amount of information available for research.
While these recommendations do not follow a risk-based approach, more standards for sharing health data are always welcomed. With enough being put out into the public discourse, we can see real change happen to the legal framework, too.
- Turn Data Assets into Business Opportunity Under CCPADecember 19, 2019
- How does risk-based anonymization work?December 18, 2019
- Why should I use Expert Determination over Safe Harbor?December 18, 2019
- What do I need to know about GDPR, HIPAA and CCPA to meet our regulatory and privacy obligations?December 18, 2019
- Should we invest in building our own de-identification capability?December 17, 2019
- GDPR and The Future of Clinical Trials Data SharingMarch 18, 2019
- Advancing Principled Data Practices in Support of Emerging TechnologiesMarch 15, 2019
- “Zero Risk Does Not Exist”February 7, 2019
- Is Anonymization Possible with Current Technologies?January 9, 2019
- Comparing the benefits of pseudonymisation and anonymisation under the GDPRDecember 20, 2018